Fri, Sep 01, 2017 - Page 4 News List

Top hackers discuss IoT vulnerabilities in Taipei

NO DEFENSES: Most IoT applications lack firmware and software updates, which proves problematic in systems’ continued defense against viruses, a security expert said

By Tan Wei-hsu and Jake Chung  /  Staff reporter, with staff writer

The 13th Hacks In Taiwan Conference (HITCON), on Friday and Saturday last week at Academia Sinica, focused on malware Mirai and other potential loopholes in Internet security, such as trojaned subtitle files, while some attendees focused on larger issues, such as potential hacking of Internet of Things (IoT) applications and companies’ intranet servers.

Check Point Software Technologies vulnerability research team leader Omri Herscovici and Check Point security researcher Omer Gull gave a presentation on code embedded in subtitle files that enables hackers to spy on users or launch programs remotely.

Tan Kean Siong, an independent security researcher, honeypot hobbyist and member of the Honeynet Project — a “honeypot” refers to the digital baiting of enemy hackers — shared the results of an 18-month home-based IoT honeypot test he ran in 2015.

His team designed a fake device connected to the IoT for fun and deployed it as a single home-based honeypot sensor with Universal Plug and Play (UPnP) and Message Queue Telemetry Transport protocol emulation, Tan said.

After the Mirai botnet attacks this year, they found that their simulated IoT device received 6 million UPnP requests and was made to “assist” in denial of service attacks.

Most IoT applications lack firmware and software updates, which proves problematic in systems’ continued defense against virus and malware code, Tan said, adding that he wished to draw attention to the importance of protecting information security on IoT devices.

The malware Mirai targets networked devices running Linux systems, turning them into remotely controlled “bots” that take part in large-scale network attacks.

It was first detected in August last year by MalwareMustDie, a white hat malware research group.

Taiwanese white hat hacker Orange Tsai (蔡政達) gave a presentation on how hackers could still initiate server-side request forgery (SSRF) attacks on companies.

It might be a basic hack in the current age, but the more expansive a company’s intranet becomes, the more havoc such attacks could wreak, Tsai said, adding that as most service providers do not offer real-time updates, such basic attacks are still quite effective.

SSRF refers to an attack in which an attacker is able to send a crafted request from a vulnerable Web application, usually to target internal systems behind firewalls that are normally inaccessible to an attacker on an external network.

Meanwhile, HITCON announced the results of its ZeroDay platform program, which it hopes will become a trusted intermediary between white hat hackers and corporations.

“We hope to facilitate communication between the government, corporations and information security groups, as well as foster more individuals skilled in information security,” HITCON said in a statement.
